Does anyone found a solution for this?

Upgraded the connector to the most latest version (i.e. 7.2.3.7789.0) since the Pulse Secure is officially supported by ArcSight.

However, the logs are not getting parsed. Device vendor/product still shows as Unix/Unix. Sample entries as follows;

Device Vendor : Unix

Device Product : Unix

Device Process Name : PulseSecure

Device Custom String1.Module  : PulseSecure

Name : 2016-07-03 11:32:12 - HostName - [127.0.0.1] System()[] - Removed expired user sessions from mail cache.  Number of cached sessions before cleanup: 0.  Number of sessions after cleanup: 0.

Please share if any of you got a solution for this. Thanks.

-Sudesh

Does anyone found a solution for this?

Upgraded the connector to the most latest version (i.e. 7.2.3.7789.0) since the Pulse Secure is officially supported by ArcSight.

However, the logs are not getting parsed. Device vendor/product still shows as Unix/Unix. Sample entries as follows;

Device Vendor : Unix

Device Product : Unix

Device Process Name : PulseSecure

Device Custom String1.Module  : PulseSecure

Name : 2016-07-03 11:32:12 - HostName - [127.0.0.1] System()[] - Removed expired user sessions from mail cache.  Number of cached sessions before cleanup: 0.  Number of sessions after cleanup: 0.

Please share if any of you got a solution for this. Thanks.

-Sudesh